Intelligent CISO Issue 42 | Page 72

GO PHISH

decision that will move business forward at the speed of innovation. We should look at the gaps in our organisations and find collaborative solutions and partnerships that allow our teams to get laser-focused on what we actually do well.
Are there any differences in the way cybersecurity challenges need to be tackled in the different regions?
Organisations should be taking a global approach to cybersecurity. We are all facing the same threats. They should remember to consider the little things when it comes to cybersecurity as they have a habit of adding up and leading to big costs.
Most attackers will usually start with trying to exploit the most common and easiest point of entry, so businesses must ensure they have an Identity and Access Management (IAM) system in place that leverages best practices (captcha, MFA, adaptive authentication) as this is a great first step in drastically minimising the more sophisticated compromises and data breaches.
Change management is as important as hardening and patching systems. System updates and configuration changes often require administrators to reset various configurations upon completion. Forgetting to do this can leave the doors open for attacks.
Permissions and access management are also important. Preventing lateral movement inside your organisational network can be critical in minimising damage. Ensuring that only authorised users have access is critical, which includes managing credentials of termed employees, using privileged accounts and leveraging technology to manage user access.
Lastly, you really need to have a Business Continuity plan in place. This needs to be a realistic and actionable plan – and must be tested. When doing so, it’s important to create a plan that makes sense for the industry that you’re in and understand exactly what your tolerance is for outages and downtime.
What changes to your job role have you seen in the last year and how do you see these developing in the next 12 months?
Two months into my role as CISO, Auth0 was acquired by Okta and together we are creating the future of digital identity.
This is one of the most exciting times in my career and moving at the speed of innovation will be pivotal to that future.
What advice would you offer somebody aspiring to obtain a C-level position in the security industry?
One of my passions for the security industry is to see more women around the boardroom table and at an executive level.
Our industry is still largely dominated by men, but one of the factors that really helped me get to where I am today was having a strong group of mentors and champions that I could turn to throughout critical points in my career.
I would advise any female looking to obtain a C-level position to surround herself with a similar group of mentors and champions that they can lean on, and who will provide opportunities to grow and succeed.
Another one of my top tips is for people to really seize every opportunity possible to grow and learn. Your career journey is whatever you make it and progress can be achieved in many ways other than receiving a promotion.
www.intelligentciso.com